CVE-2014-9596 Information

Description

Panasonic Arbitrator Back-End Server (BES) MK 2.0 VPU before 9.3.1 build 4.08.003.0 when USB Wi-Fi or Direct LAN is enabled and MK 3.0 VPU before 9.3.1 build 5.06.000.0 when Embedded Wi-Fi or Direct LAN is enabled does not use encryption which allows remote attackers to obtain sensitive information by sniffing the network for client-server traffic as demonstrated by Active Directory credential information.

Reference

http://us2.campaign-archive1.com/?u=8c9cff2e712e3b7d09a07ecef&id=21f059b3ab http://www.kb.cert.org/vuls/id/117604